Data protection and technology

The DATAflor Cloud technology uses Microsoft Azure cloud services as the basis. The decision for Azure was made consciously, as the services offered by Microsoft are the first to be the new ISO / IEC 27018 retain. The standard passed in August 2014 formulates the regulation for the processing of personal data in the cloud. Personal data is all information that says something about a natural person.

Microsoft attaches great importance to the fact that data that is processed in its own data centers is not owned by Microsoft, but remains in the property of the respective customer. This means that Microsoft only processes data on behalf of its customers. Microsoft is therefore not allowed to dispose of the data and pass it on to unauthorized third parties.

Microsoft cloud services are provided for European customers from two data centers in Europe. Specifically, the data centers are located in Amsterdam and Dublin. This means that these data centers are subject to European data protection laws. The data centers are designed to act as a backup for each other. This in turn means that the customer's data does not leave the European legal area even in the event of a disruption.

Legal information about Microsoft Azure Security with Microsoft Azure

The DATAflor Cloud services are an in-house development and consist of 3 components:

Service 1 / assignment DATAflor BUSINESS Server ⇔ mobile devices: The service manages the assignment of which terminal device belongs to which server. This ensures that only those in the DATAflor BUSINESS Cloud manager specified devices can communicate with the server in their own company. A connection to other companies or devices is excluded.

Service 2 / transmission of data packets: Based on the assignment of the devices from service 1, the data service mediates between BUSINESS Server and end devices and ensures that requested information reaches the correct addressee.

Service 3 / Notifications: Based on the assignment of the devices from service 1, the service notifies the devices when there is current data to be retrieved (so-called push notifications). These include new resubmissions in DATAflor CONNECT or new data for time recording in DATAflor TIME.

All data between BUSINESS servers ⇔ DATAflor CLOUD ⇔ end devices are sent via HTTPS connection transfer. The data packets temporarily stored in the cloud are AES-encrypted.

In general, the statement applies that in the DATAflor CLOUD does not retain any usable data or remain stored for a longer period of time. All data from DATAflor BUSINESS are stored centrally on the company's own server. Of the DATAflor Cloud service only forwards the data.

In principle, two different methods can be distinguished for data transmission:

Active requirement: Certain data are not available on the end devices (e.g. complete specifications included DATAflor CONNECT). However, the user can do this via the DATAflor Request cloud. In this case, the request for the data will be sent via the DATAflor Cloud transmitted to your own company, compiled there and transferred to the end devices via the cloud. There is no storage in the cloud.

Provision: In the company, data is actively compiled for certain devices (e.g. specifications for time recording at DATAflor TIME). After sending, it is temporarily stored in the DATAflor Cloud and the relevant device will be notified. As soon as the device has retrieved the data, the data will also be deleted here. If the data is not retrieved, it is automatically deleted after 5 days.

The data on the end device is not additionally encrypted. They are protected by the security mechanisms of the mobile device's operating system.

With the version DATAflor BUSINESS 2020 and TIME 3.0 live access was introduced. This requires changes in the treatment of the data.

Data transfer in live access: In the company, data is actively compiled for certain devices. The mobility service checks for changes in the configuration for the devices at 2-minute intervals and automatically sends this data packet to the DATAflor Cloud.

Certain data are not available on the end devices (e.g. construction sites, employees or devices in the TIME). However, the user can do this via the DATAflor Request cloud. In this case, the request for the data will be sent via the DATAflor Cloud transmitted to your own company. The mobility service adds the data to the configuration in the app manager and then calls the same routine that is called for automatic provisioning.

The device concerned retrieves this data packet automatically. If further changes are made before the device retrieves the data, these will be added to the existing data package.

After the retrieval, the data package is deleted. If the data is not retrieved, it is automatically deleted after 30 days.